Lucene search
K

53 matches found

NVD
NVD
added 2026/06/24 4:16 p.m.10 views

CVE-2026-49269

Apple M1 GPUs retain register file data between compute shader dispatches from different processes. A sandboxed Metal attacker app can run a GPU reader shader that reads stale register values left by a separate sandboxed victim app. In the proof of concept, GPUVictim.app generates a fresh random...

8.6CVSS0.00303EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-51825

Name of the Vulnerable Software and Affected Versions Apple M1 GPUs affected versions not specified Description Apple M1 GPUs retain register file data between compute shader dispatches from different processes. This allows a sandboxed Metal attacker application to execute a GPU reader shader to...

8.6CVSS5.8AI score0.00303EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : microcode_ctl-20200609-2.20201027.1.el8 (AXSA:2021-1384:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1384:02 advisory. hw: Information disclosure issue in Intel SGX via RAPL interface CVE-2020-8695 hw: Vector Register Leakage-Active CVE-2020-8696 hw: Fast forward sto...

5.5CVSS7AI score0.0051EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/13 4:27 p.m.23 views

CVE-2025-25176 GPU DDK - GPU Register value contents leaked from secure workloads to non-secure world

Intermediate register values of secure workloads can be exfiltrated in workloads scheduled from applications running in the non-secure environment of a platform...

0.00309EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/13 4:27 p.m.2 views

CVE-2025-25176 GPU DDK - GPU Register value contents leaked from secure workloads to non-secure world

Intermediate register values of secure workloads can be exfiltrated in workloads scheduled from applications running in the non-secure environment of a platform...

6.5AI score0.00309EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/08/14 12:0 a.m.10 views

The vulnerability of Intel microprogramming software, related to the leakage of information from vector registers, allows attackers to gain access to protected information.

The vulnerability of Intel microprogramming software is related to the leakage of information from vector registers. Exploiting this vulnerability can allow an attacker to gain access to protected information...

6.5CVSS7AI score0.03882EPSS
Exploits1References27Affected Software9
RedHat Linux
RedHat Linux
added 2023/06/29 9:14 a.m.8 views

golang: runtime: unexpected behavior of setuid/setgid binaries

On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state or assuming the status of standard I/O file descriptors. If a setuid/setgid binary is executed with standard I/...

7.8CVSS6.8AI score0.00432EPSS
Exploits0References8
OSV
OSV
added 2023/06/08 9:15 p.m.3 views

DEBIAN-CVE-2023-29403

On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I...

7.8CVSS6.9AI score0.00432EPSS
Exploits0References1
OSV
OSV
added 2023/06/08 9:15 p.m.5 views

AZL-27121 CVE-2023-29403 affecting package msft-golang for versions less than 1.20.7-1

On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I...

7.8CVSS6.8AI score0.00432EPSS
Exploits0References1
Snyk
Snyk
added 2023/06/08 8:16 p.m.5 views

Incorrect Privilege Assignment

Overview std/runtime is a Go standard library package std/runtime Affected versions of this package are vulnerable to Incorrect Privilege Assignment. Go Vulnerability Report:On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be...

8.5CVSS6.8AI score0.00432EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/04/05 12:0 a.m.5 views

PT-2023-3108

Name of the Vulnerable Software and Affected Versions Go affected versions not specified Description The issue is related to the Go runtime not behaving differently when a binary is run with the setuid/setgid bits on Unix platforms. This can be dangerous in certain cases, such as when dumping...

9.8CVSS7.1AI score0.91969EPSS
Exploits1References100
RedHat Linux
RedHat Linux
added 2021/08/31 7:59 a.m.3 views

hw: Vector Register Leakage-Active

A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...

5.5CVSS6.5AI score0.00438EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2021/08/24 10:1 a.m.3 views

hw: Vector Register Leakage-Active

A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...

5.5CVSS6.5AI score0.00438EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/08/11 12:0 a.m.44 views

RHEL 7 : microcode_ctl (RHSA-2021:3029)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3029 advisory. The microcodectl packages provide microcode updates for Intel. Security Fixes: hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543...

8.8CVSS7.1AI score0.00587EPSS
Exploits0References21
RedHat Linux
RedHat Linux
added 2021/08/10 4:13 p.m.3 views

hw: Vector Register Leakage-Active

A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...

5.5CVSS6.5AI score0.00438EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/08/10 12:0 a.m.20 views

CentOS: Security Advisory for microcode_ctl (CESA-2021:3028)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS6.8AI score0.00587EPSS
Exploits0References2
Cent OS
Cent OS
added 2021/08/09 3:29 p.m.608 views

microcode_ctl security update

CentOS Errata and Security Advisory CESA-2021:3028 An update for microcodectl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

8.8CVSS7AI score0.00587EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2021/08/09 12:0 a.m.58 views

CentOS 7 : microcode_ctl (CESA-2021:3028)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:3028 advisory. - hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543 - hw: Vector Register Data Sampling CVE-2020-0548 - hw: L1D Cache Eviction Sampling...

8.8CVSS7AI score0.00587EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2021/08/09 12:0 a.m.103 views

RHEL 7 : microcode_ctl (RHSA-2021:3028)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3028 advisory. The microcodectl packages provide microcode updates for Intel. Security Fixes: hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543...

8.8CVSS7.1AI score0.00587EPSS
Exploits0References21
RedHat Linux
RedHat Linux
added 2021/02/22 11:57 a.m.3 views

hw: Vector Register Leakage-Active

A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...

5.5CVSS6.5AI score0.00438EPSS
Exploits0References6
Rows per page
Query Builder